Updates:
Status: Started
Cc: [email protected] [email protected]
Labels: -Area-Misc Area-BrowserBackend
Comment #3 on issue 3592 by [email protected]: EV Revocation check should
not block the I/O thread
http://code.google.com/p/chromium/issues/detail?id=3592
I have started to work on this. Since certificate verification
is similar to hostname resolution (getaddrinfo) in that
1. both do network I/O and may block indefinitely, and
2. neither function can be cancelled,
I created a CertVerifier class based on the HostResolver class
we're using to do hostname resolution.
I have moved the certificate verification in SSLClientSocket
off the IO thread. Unfortunately the timing change exposes
the latent bug that we're not caching intermediate CA
certificates (issue 3154). So I'll need to deal with that at
the same time.
After all this is done, I will then move the EV verification
off the IO thread. Ideally the EV verification should be
combined with the certificate verification done by
SSLClientSocket. With WinHTTP, the EV verification has to be
separate because WinHTTP does the certificate verification
internally.
--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Chromium-bugs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/chromium-bugs?hl=en
-~----------~----~----~----~------~----~------~--~---
